[Discussion] Interesting project
Jason Lewis
jlewis at packetnexus.com
Wed Oct 22 01:44:14 UTC 2008
I agree that some of these xml standards are bloated and probably
overkill. My experience has been that all of these network devices use
their own format for data sharing and you end up having to write parsers
for each one. The best solution is probably an open engine that would
allow someone to write input and output services.
My only concern is yet another IDS (or whatever) that ignores the
benefit of a standard that anyone could use. For example, CVE has made
vulnerability reporting easier to process.
jas
Andre Ludwig wrote:
> My limited experience with IDMEF lead me to think of it as a 5000lb
> elephant attempting to tight rope walk across a large gorge on dental
> floss.
> (in case you were wondering I thought it was a large lumbering beast of
> a RFC that no one honestly cared about and felt it should be left for
> dead, which is apparently the case as there hasnt been much work done on
> it since 2005)
>
> Andre Ludwig
>
> Jason Lewis wrote:
> > Argonne adopted IDMEF for their communication.
>
> >
> https://www.anl.gov/it/Cyber_Security/Federations_for_Cyber_Defense/index.html
> > _______________________________________________
> > Discussion mailing list
> > Discussion at openinfosecfoundation.org
> > http://lists.openinfosecfoundation.org/mailman/listinfo/discussion
>
>
>
>
>
>
More information about the Discussion
mailing list